Fake DDoS Protection Alerts Distribute Dangerous RAT

Security vendor Sucuri says adversaries are injecting malicious JavaScript into numerous WordPress websites that triggers phony bot-related checks. [TechWeb]( Follow Dark Reading: [RSS]( August 23, 2022 LATEST SECURITY NEWS & COMMENTARY [Fake DDoS Protection Alerts Distribute Dangerous RAT]( Security vendor Sucuri says adversaries are injecting malicious JavaScript into numerous WordPress websites that triggers phony bot-related checks. [New 'BianLian' Ransomware Variant on the Rise]( Novel ransomware was created with the Go open source programming language, demonstrating how malware authors increasingly are opting to employ the flexible coding language. [Identity Security Pain Points and What Can Be Done]( Replacing passwords is not as easy as people think, but there is hope. [Metasploit Creator Renames His Startup and IT Discovery Tool Rumble 'runZero']( HD Moore's company has rebranded its IT, IoT, and OT asset discovery tool as the platform rapidly evolves. [(Sponsored Article) Zero Trust & XDR: The New Architecture of Defense]( Zero trust and XDR are complementary and both are necessary in today's modern IT environment. In this article, we discuss the intersection of zero trust and XDR. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Windows Vulnerability Could Crack DC Server Credentials Open]( The security flaw tracked as CVE-2022-30216 could allow attackers to perform server spoofing or trigger authentication coercion on the victim. [Cyber Resiliency Isn't Just About Technology, It's About People]( To lessen burnout and prioritize staff resiliency, put people in a position to succeed with staffwide cybersecurity training to help ease the burden on IT and security personnel. [Name That Toon: Vicious Circle]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE]( EDITORS' CHOICE [Patch Now: 2 Apple Zero-Days Exploited in Wild]( The fact that the flaws enable remote code execution, exist across all major Apple OS technologies, and are being actively exploited heightens the need for a quick response. LATEST FROM THE EDGE [Expiring Root Certificates Threaten IoT in the Enterprise]( What happens when businesses' smart devices break? CSOs have things to fix beyond security holes. LATEST FROM DR TECHNOLOGY [Transitioning From VPNs to Zero-Trust Access Requires Shoring Up Third-Party Risk Management]( ZTNA brings only marginal benefits unless you ensure that the third parties you authorize are not already compromised. WEBINARS - [From Reactive to Proactive, Changing the Culture on API Security]( Statistics demonstrate that 95% of companies have experienced attacks targeting their usage of APIs in their modern applications, and this is most likely a concern for you. And yes, it's likely keeping you up at night. When using other people's code-via ... - [Using Identity & Access Management to Improve Cyber Defense]( End user credentials have become a central target for online attackers, enabling them to navigate your enterprise systems as trusted users. As online attackers target these credentials and end users seek to gain access to a wider variety of applications ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [Implementing Zero Trust In Your Enterprise: How to Get Started]( - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [Five Best Practices for AWS Security Monitoring]( - [Sumo Logic for Continuous Intelligence]( - [The Many Facets of Modern Application Development]( - [Ambush Attackers at the Endpoint with the Endpoint Detection Net (EDN) Suite]( [View More White Papers >>]( FEATURED REPORTS - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [Practical Network Security Approaches for a Multicloud, Hybrid IT World]( The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network - [State of the Cloud: A Security Perspective]( Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [AuditBoard Launches Third-Party Risk Management Solution, Empowering Enterprises to Tackle IT Vendor Risk at Scale]( [Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Living on the Edge: Building and Maintaining Security at the Network Edge]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)